FISMA Compliance Audit Reports

United States recognized the importance of information security to the economic and security interests of the state and enacted the FISMA in 2002. FISMA has assigned specific responsibilities to the agencies National Institute of Standards and Technology (NIST) and Office of the Management and Budget (OMB). NIST develops the standards, tests, metric, and validation programs to promote, measure, and validate the security information systems and services. FISMA requires federal agency officials to conduct annual reviews of the agency's information security program and report the results to OMB. NIST defines a broad framework for managing information security comprising of inventory of information, risk level categorization, security controls, risk assessment, system security plan, accredit ion and certification, and continuous monitoring.

In the grand scheme of things related to security of information and information systems of US federal agencies, EventLog Analyzer effectively addresses the security controls, risk assessment, and continuous monitoring aspects of the framework.

The following controls are covered in the reports:

Audit and Accountability (AU)

Certification, Accreditation, and Security Assessments (CA)

Contingency Planning (CP)

Access Control (AC)

Identification and Authentication (IA)

Configuration Management (CM)

EventLog Analyzer provides the following reports to help comply with the FISMA regulation controls:

"Windows Event logs and device Syslogs are a real time synopsis of what is happening on a computer or network. EventLog Analyzer is an economical, functional and easy-to-utilize tool that allows me to know what is going on in the network by pushing alerts and reports, both in real time and scheduled. It is a premium software Intrusion Detection System application."